The CINS Blog

Many IT decision makers are planning to increase their cybersecurity budgets in 2022. Kaspersky shared some research where 86% of IT decision makers in North America said that they were planning to allocate budget for cybersecurity in 2022. Approximately the same percentage of respondents indicated that their… Read More

Collective Intelligence Network Security (CINS) turns 10 years-old this month. To celebrate, I thought I would spend a little time discussing the important functions of this underrated service and reflect on how it’s grown. Let me begin by providing an overview of what the CINS Army is exactly. What Is… Read More

One of the biggest mainstays of an enterprise-level security program is a Security Information and Event Management (SIEM) tool. Just as a quick overview, a SIEM collects and aggregates log data from applications, firewalls, and other devices spread across an organization’s infrastructure. The SIEM then uses that information to identify,… Read More

In early November, the U.S. House of Representatives passed a $1.2 trillion infrastructure bill. The legislation has a lot in it. There’s $7.5 billion set aside for creating a network of EV charging stations across the United States, for instance, with an additional $65 billion earmarked for overhauling the nation’s… Read More

Back in the early 2000s, some didn’t think that the future looked promising for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Gartner was among those voices. As reported by CSO, the research and consulting company said that IDS had surpassed its expectations, had begun to… Read More

In May 2021, the Center for Internet Security (CIS) released Version 8 of its Critical Security Controls (CIS Controls). You’ll recall from our earlier post that this new version did two things. First, it cut down the number of top-level Controls and accompanying Safeguards as part of a reorganization… Read More

We’re in the business of network-based security tools, so we bump into this issue a lot with our customers. It usually goes something like this: The Customer runs a routine vulnerability scan against their own network Their Sentinel blocks the scanning IP The Customer wonders why the scan didn’t… Read More

Current projections suggest that organizations will continue to invest in their Internet of Things (IoT) environments over the next decade. According to MarketWatch, for instance, the global IoT market is expected to reach $1.5993 trillion by 2024 at a CAGR of 21.1%. This forecast reflects how organizations… Read More

The state of cybersecurity for SMBs and municipalities is precarious. On the one hand, plenty are suffering cyber threats that are affecting their ability to conduct business. In a 2021 survey, nine in 10 SMBs that suffered a digital attack revealed that the incident had affected their business. This was… Read More

By now, we all know what happened to Kaseya. The IT management software provider for MSPs and IT teams announced on July 2nd that it had detected a potential attack involving one of its products, which in turn resulted in ransomware compromises in somewhere around 1,000 of… Read More

Organizations have been using the Center for Internet Security’s Critical Security Controls (the CIS Controls) to secure their systems for more than a decade. The Center for Internet Security (CIS) is a non-profit entity that works with the global IT community to help organizations secure themselves against… Read More

It’s been several months since we first learned about the SolarWinds supply chain attacks. Just as a reminder, SolarWinds announced in mid-December that it had suffered a digital attack where malicious actors inserted a vulnerability called “SUNBURST” into certain versions of its Orion Platform IT management software. Read More

Ransomware, malware, and other cyber threats are only increasing in frequency and sophistication, yet many can be avoided with some simple guidance from the CIS Controls developed by the Center for Internet Security. Getting started is the hardest part, but the CIS Controls make it easy, by focusing on the… Read More

We recently hosted a webinar for our customers, walking them through some of the new features in Sentinel Outpost 4.6, showing off a few tips and tricks, and answering a few questions. Read on for a quick summary of the presentation, and click here to watch… Read More

The Sentinel IPS approach to network security maximizes your resources and allows you to make the most efficient use of your team’s time and effort. After all, most of our customers do not have large departments devoted singularly to the tasks of securing complex arrays of digital infrastructure. This approach… Read More

This blog was coauthored by Ted Gruenloh, Sentinel COO and Scott Smith, CISO City of Bryan, Texas. Everything you need to know about CIS Controls, including where to start. Cyber threats will continue to appear in worldwide headlines for the foreseeable future. If you’re reading this, you’re likely looking to… Read More

Unfortunately the recent uptick in ransomware attacks on cities, counties, and school districts is nothing new. Previous municipal ransomware attacks include Atlanta in March 2018, Baltimore in May and two cities in Florida in June. Security threats to organizations of all types and sizes are now constant, pervasive, and dangerous to varying degrees. Read More

Please Note: If your Sentinel isn’t running 4.6 yet, don’t worry. We’re slowly but surely making our way through all our customers’ external IPS devices, updating the software, and in some cases, hardware. If you haven’t heard from us yet, you will soon. Of course if you have any questions,… Read More

Imagine what would happen if a neighborhood a few blocks away from yours started getting hit by a string of burglaries. Would you just sit by and wait to be the next victim? I doubt it. You and your neighbors would probably start looking through police reports and listening to… Read More

Think about the last time you cleaned out your garage or closet. If you’re anything like me, you probably discovered things you never remembered buying, plus an item or two that you thought you’d gotten rid of a long time ago. The same is probably true of your network. The… Read More

(This content appeared in our CINS Army Brief for October 2018. Subscribe here.) “You can’t stop being afraid just by pretending what scares you isn’t there” – Michael Marshall Don’t let fear, uncertainty and doubt drive your network security. Focus on Knowledge, policy, and action. And remember,… Read More

I’m sure you’ve received a flood of emails over the past few weeks and months, all referencing updated Privacy Policies and email subscriptions. You probably already know why: Today, May 25th, the General Data Protection Regulation (GDPR) takes effect across the European Union. This set of laws give consumers… Read More

(This content appeared in our CINS Army Brief for May 2018. Subscribe here.) In memory of Our Fallen Heroes. “We don’t know them all, but we owe them all.” This Memorial Day, we remember with gratitude and pride all those who served and died for… Read More

A couple years ago, we did a series of blogs on common network security misconceptions in local government. Since a lot of that information is still relevant today, we thought we’d go back through as a refresher course. First, let’s talk about “public” information. Just because some of the data… Read More

(This content appears in our CINS Army Brief for April 2018. Subscribe here.) “And on a Friday fell all this mischance,” Chaucer noted in The Canterbury Tales You’ve successfully filed your taxes and Friday the 13th went off without a hitch.  Now for some things… Read More

(This content appears in our CINS Army Brief for March 2018. Subscribe here.) When asked about completing his income tax form Albert Einstein replied, “This is a question too difficult for a mathematician. It should be asked of a philosopher.” While we can’t help with your… Read More

Thanks to Julian Lee from e-ChannelNEWS for the great interview last week. We’re excited about helping those MSPs out there that are beginning to realize how important network security is for their customers. Here’s the full interview, if you’re interested: https://e-channelnews.com/sentinel-ips-is-more-than-an-intrusion-prevention-system-ips-device/  … Read More

We recently gave our company logo a refresh. I wanted to take a couple minutes to tell you about why I think it was important. In with the new …   The What First, let’s talk about the three major changes: The shield itself is a bit beefier, with… Read More

What better time than Halloween to discuss the marketing strategy of Fear, Uncertainty, and Doubt – better known in our industry as FUD? First, I want to concentrate on the F in FUD… The Fear. Uncertainty and Doubt are interesting, but in the business of Network Security, use of… Read More

Please see our notes below on BadRabbit, the latest ransomware threat. First things first. We have several measures in place to detect and stop network communications related to BadRabbit. To see if your Sentinel has detected BadRabbit-related traffic, search your Event Activity page for the term, ‘BadRabbit’. Stay up to date. Read More

In a year chock full of juicy network security headlines, two of the biggest so far have been WannaCry and the Equifax breach. Here’s a quick refresher: WannaCry broke out in May (fizzling shortly thereafter), taking advantage of a known vulnerability in the SMB protocol and utilizing an… Read More

Since 2012 (before Threat Intelligence was cool) we’ve published a public list of malicious IP addresses for the community. It goes by many names: CINS Army, CI Army, CINS … In any case, over 10,000 users (these days those ‘users’ are automated tools, scripts, and open source projects)… Read More

With news breaking on the use of an Apache Struts vulnerability in the recent Equifax breach, we thought we’d shed some light on Struts exploits from our perspective. First and foremost: Our customers should know that no Sentinel appliances or servers within the Sentinel infrastructure are affected… Read More

(Still) Securing the Internet of Things Ahh, IoT. Remotely monitoring and configuring your doorbell, washer and dryer, thermostat, security cameras, or just about any applicance or wearable you can imagine is pretty cool. And, the list of IoT devices gets larger every day. But here’s the rub on IoT devices:… Read More

National Internet Safety Month is designated by the U.S. Congress and supported by the National Cyber Security Alliance. NCSA advises everyone to follow three easy steps before going online: Stop. Think. Connect.™ At Sentinel IPS, we couldn’t agree more. Stop. Every time you access the Internet is an… Read More

By now, I’m sure you’re aware of the WannaCry ransomware strain (also known as WanaCrypt0r and Wcry), which broke out over this past weekend. It is currently distributed via a Windows operating system vulnerability in the SMB protocol, and has infected networks in 150 countries worldwide. A lot has happened… Read More

If you haven’t already heard, Locky is back! Borrowing another tactic from the Dridex playbook, we’re seeing the Locky campaign use malicious .pdf email attachments as its preferred infection vector. Once opened, the .pdf requests to extract and open a second file (an embedded Office document) which then prompts… Read More

Metro Community Provider Network (MCPN) – a public health nonprofit was fined and paid a $400,000 penalty for allowing a hacker to access employee email accounts and obtain electronic protected health information (ePHI) of 3,200 patients. MCPN provides primary care, pharmacies, social work, dental and behavioral care to approximately… Read More

I’ve been in the Network Security industry for more than 20 years, which may be the only reason my entire life was not compromised. Read More

The Concept

By now, you may have heard of our CINS Army Initiative. (CINS stands for Collective Intelligence Network Security.) Read More

FOR RELEASE Contact: Ginny McAdams +1.972.991.5005 x114 [email protected] Sentinel IPS Launches CINS Army New Initiative Using specific and actionable data to strengthen collective IT network security DALLAS – Dec. 13, 2016 – Sentinel IPS, a long-time sponsor of the Collective Intelligence Network Security (… Read More

THE BOUNCER GUY COMPARISON

Deep packet inspection versus firewall protection aka The Bouncer. Read More

THE NECKTIE ANALOGY

When is a necktie requirement more like a network security noose? Read on to find out how the best ruleset intentions can go awry and how Sentinel IPS protects your network. Read More

Business concept photo.Businessman working investment project modern office.Touching pad contemporary laptop. Worldwide connection technology,stock exchanges graphics interface. Did you know October is National Cyber Security Awareness Month? It’s an annual campaign to raise awareness of cybersecurity sponsored by the Department of Homeland Security. According to the DHS, “We live… Read More

Virtual Touchscreen with Support wording You will probably find this question at the end of a blog, on an online “submit” form, on a customer ticket, or any other service-related web page you use daily. “How likely are you to recommend THIS WHATEVER to your friends and colleagues?” Then, you… Read More

One of the most confusing aspects of malware is that infiltrators never devised a better method of getting their software onto networks. Up to this point, ransomware and malware developers have relied on phishing emails and watering holes (targeted, compromised web sites hosting malicious code) as delivery methods;… Read More

ransomware eye looks at viewer concept. A quick bit of background before we dive into the topic of today’s post — the evolution of ransomware. What follows is an admittedly incomplete list of the evolutions and variants of the Cryptolocker virus. Cryptolocker — The granddaddy. Infections occurred through spam,… Read More

Today, in the final installment of our Security Spring Clean series, we encourage you to be bold. We are going to guess, and we think we will be right, that somewhere in the back corner of your server room there’s a box that has been plugged into the switch since… Read More

Having the right hardware is important. Software too. And you know how we feel about the importance of training your people. But the heart of any business is its data. For some businesses, it helps them get products to market faster. For other businesses, the data is the product. Read More

The weakest part of any network isn’t some tool in the data center or some device on the wire. No, it’s the people who are logging in. We’ve said it repeatedly here, and as long as people keep providing us with examples to cite then we’ll keep saying it over… Read More

If science does anything for you then you’ve no doubt heard of the large hadron collider. It’s the particle accelerator operated by CERN, the European agency focused on nuclear research. The organization recently decided that it was time for large-scale improvements to its most powerful piece of equipment. Read More

Traditionally, network security has been reactionary. Protection didn’t often happen until after infection. But in the early days that was OK. Compared to now, networks weren’t complicated. Finding and removing malicious software was relatively easy. Today, however, networks are more complicated and the abilities of hackers to get inside are… Read More

Security headlines over the last week or so have been talking about Russian police raids at the end of November that may have put an end to the Dyre malware variant. The ring of cybercriminals taken down in those raids was almost the exclusive users of Dyre — malware that… Read More

Network security can’t be a passive thing. Those who want into your network are constantly figuring out new ways to get there. If you’ve read this blog for any length of time, that should be a somewhat familiar message. And if that message feels familiar, so should this one. Read More

The annual list of bad passwords was released last week. The list for 2015 looks a lot like the list for the previous years. Still, these are always good for a bewildered chuckle. Password is still an unfortunately popular password. So is 123456 and the longer 12345678. Sequential key combinations… Read More

There was a lot of talk last week about Microsoft putting its browser Internet Explorer out to pasture. If you missed the news — hard to do for anyone with even a passing interest in technology, but not impossible — the software giant announced that it was no longer… Read More

Over the last few weeks, we’ve been looking at common security misconceptions that plague state and local governments. There’s one more that we’ll examine on the blog although we identify six in the ebook we recently published. This last one is different than the three that have come… Read More

There’s nothing new about social engineering. It’s old-fashioned con artistry with a fancier sounding name. The Trojans had their horse. The schemer on the streets has his game of three-card Monte. And hackers and cybercriminals have their own tactics. You’ve no doubt heard of (and received) phishing emails, when… Read More

Here’s a pretty staggering number: 34,220,504. That’s the number of personal records exposed, according to the Identity Theft Resource Center, through November 2015 because of government data breaches. While that number does include some pretty high profile federal breaches, it also includes many more at the local level that… Read More

The Tarrant County Courthouse located in Fort Worth, Texas. NRHP Ref 70000762. There’s a saying that we’ve always liked: It’s a poor artist who blames his tools. There are other versions of that. They usually replace the word artist with workman, but we like our version better. Either way, though,… Read More

We are going to admit right from the outset that this post will seem self-serving. We are a company that provides a managed security service, so when we say what we are going to say you’ll think to yourself, “Well, sure. Of course that’s your opinion.” But, we’re going… Read More

A dive in to our CINS data revealed some telling numbers with regard to network security in state and local government agencies, including education – the so-called SLED organizations. The bottom line? The vast majority of critical malware-related alerts we see on our Sentinels come from the Government… Read More

We’ve all seen them, whether we are at work or at home, those update boxes that pop up and tell us that there’s a new version of some piece of software that we probably didn’t know we had or didn’t think was important. We’ve all probably had the same reaction:… Read More

An interesting study just released by the Pell Center for International Relations and Public Policy at Salve Regina University on the state of cybersecurity readiness in state governments confirmed what our own data has been showing us. And that’s this: State and local governments are woefully behind… Read More

It’s only natural for the growth of certain technologies to slow as they become more and more commonplace. That’s why the headlines talking about the slowing growth of the tablet or smart phone market are always a little surprising. Of course the growth of those markets is going to slow… Read More

Unless you make it a habit of reading blogs about bitcoin or spend your spare time on sites dedicated to network security then you may have missed the announcement last week by the FBI on ransomware. OK, to be fair, it wasn’t an official announcement, just a comment from… Read More

Are we witnessing the death of malware? According to this story at InfoWorld the answer seems to be … maybe. While it will likely never go away completely, it’s less and less becoming the tool of choice for many hackers. It seems, according to several studies quoted… Read More

If you’ve watched TV at all over the last few months you’ve no doubt seen the commercial from IBM regarding network security. The set up is a series of fake newscasts reporting that a large company didn’t have a data breach. It’s clearly a dig at all… Read More

A lot of our business over the years has been built at tradeshows, getting in front of potential customers and showing them the power of the Sentinel IPS product. That’s why we still make it a point to attend several throughout the year. That includes going to several of… Read More

The recently announced hack of the web-based version of the WhatsApp messaging service didn’t draw a lot of attention. Why should it? The number of people affected was relatively small in comparison to other recent hacks — just (just?!) 200,000 users. Another reason that this hack went relatively unnoticed was… Read More

In today’s world, the landscape of network security is constantly evolving. High profile security breaches and vulnerabilities (think Ashley Madison, Target, and Heartbleed) have prompted increased awareness of cybersecurity, spurring on the continued advancement of emerging technologies. But even the creation of updated devices and highly technical tools hasn’t… Read More

It’s a question we get regularly. “Do you guys protect against DDoS?” The question makes sense. Distributed Denial of Service attacks should be top of mind for business owners and network security professionals. The data bears that out. Consider these statistics from a recent study on the state… Read More

Quick disclaimer: We won’t be talking about specific security tools in this post, because, as you will see, layered security isn’t about specific tools. It’s about building visibility into your network, and since your network is unique the tools that makes sense for you might not make sense for… Read More

The limit to what modern technology can do seems to have no ceiling, but neither does the intricacy and methods by which your secure data can be breached. Any organization hoping to protect its information employs security measures not only through its hardware and software, but also through the team… Read More

For small businesses wanting to get serious about security, there are two attitudes that need to change. ‘I’m too small to hack.’ The first is that your business doesn’t have information worth stealing. It’s not true. It’s important to recognize that even as a small business you have information that’s… Read More

You’re to be forgiven if where you’ve placed a lot of your network defenses is on your system’s spam filter. After all, until as recently as 2010, 90 percent of all email messages sent qualified as spam. That’s not true anymore. According to security firm Symantec, the number… Read More

When you call your business Hacking Team, a few chuckles when you are the victim of a hack are understandable. Unfortunately, so are the pained expressions when people find out why you got breached. News went from bad to worse in early July for the Italian company Hacking Team after… Read More

In an IT world where budgets are shrinking but responsibilities are growing, it’s becoming far too commonplace to see teams of only one or two people attempt to manage technology for an entire organization. Not only are they trying to manage a data center, they are also tasked with managing… Read More

It seems like we hear stories on yet another security breach every day. OPM is the biggest one lately, and there might even be another ‘big’ breach by the time I’m finished writing this post. One of my favorites recently was the Astros ‘hack’. The St. Louis Cardinals had… Read More

The Office of Personnel Management. It has a predictably boring name for a government office. Essentially, the Office of Personnel Management is human resources for the government’s civil service employees. When it comes to hackers and government offices, this might seem like low hanging fruit. In reality, it’s just the… Read More

Third-party contractors and vendors are increasingly necessary for doing business, but are typically the weakest links in the cyber security chain. Just look at the headlines. A compromised contractor login is believed to be behind a pair of recent breaches at the U.S. Office of Personnel Management. The first… Read More

Last week, the Sentinel IPS team traveled to the SUNY Tech Conference in Lake Placid, New York to catch up with some customers and learn about what new technologies are shaping the future of education. This year’s conference theme was all about Connected Learning, or how disciplines like technology… Read More

Our culture has co-opted the idea of hacking and hackers. A term that was once used to describe the process of secretly gaining access to a computer system, or at least the person trying to find their way in, hacking is now being tied to a host of other activities. Read More

We are pleased to announce the launch of our new and improved website, designed with visitors like you in mind. Whether it’s something as simple as creating a website that’s easy to navigate or complicated as designing an effective, easy-to-use Managed IPS solution, Sentinel IPS works endlessly to… Read More